You might hate Denuvo, SECUROM and VMProtect, but we can bet with some certainty that you'd dislike the DRM installed with FSLab's new A320-X expansion for Microsoft's Flight Simulator X even more. The new content patch adds a new plane to the game, but along with it comes a new piece of DRM that goes further than anything else we've ever come across.
This particular piece of DRM is designed to stop pirates from accessing the content, but also seems to steal user passwords as well. It's called a "Chrome Password Dump tool," as Reddit puts it (via PCGamer) which FSLabs claims just informs the company if a pirated serial code is being used. Many players are concerned that it has the potential to do much more than that though, even revealing passwords for other applications and websites they use.
"'Test.exe' is part of the DRM and is only targeted against specific pirate copies of copyrighted software obtained illegally," FSLabs founder Lefteris Kalamaras said in a statement. "That program is only extracted temporarily and is never under any circumstances used in legitimate copies of the product. The only reason why this file would be detected after the installation completes is only if it was used with a pirate serial number (not blacklisted numbers)."
Some security professionals have confirmed that the tool is only activated when a pirated serial code is detected. Even if that is the case though, the tool still strips passwords from the Chrome browser and sends them over HTTP, without proper encryption. It's a massive privacy invasion and is described by one professional as the most extreme example of DRM they have ever come across.
FSLabs has since updated the installer without the DRM system in place.